...
| Code Block | ||
|---|---|---|
| ||
int opener(FILE* file, int *width, int *height, int *data_offset) {
int file_w;
int file_h;
int file_o;
int offset = 0;
if (file == NULL) { return -1; }
if (fscanf(file, "%i %i %i", &file_w, &file_h, &file_o) != 3) { return -1; }
if (fsetpos(file, &offset) != 0) { return -1; }
*width = file_w;
*height = file_h;
*data_offset = file_o;
return 0;
}
|
...
| Code Block | ||
|---|---|---|
| ||
errno_t opener(FILE* file, int *width, int *height, int *data_offset) {
int file_w;
int file_h;
int file_o;
int rc;
fpos_t offset;
if (file == NULL) { return EINVAL; }
rc = fgetpos(file, &offset);
if (rc != 0) { return (errno_t)rc; }
if (fscanf(file, "%i %i %i", &file_w, &file_h, &file_o) != 3) { return EIO; }
rc = fsetpos(file, &offset);
if (rc != 0) { return -1; }
*width = file_w;
*height = file_h;
*data_offset = file_o;
return 0;
}
|
Risk Assessment
The misuse of fsetpos() could move a file stream read to a undesired location in the file. If this location held input from user the user would then gain control of the variables being read from the fileFailing to test for error conditions can lead to vulnerabilities of varying severity. Declaring functions that return an errno with a return type of errno_t will not eliminate this problem, but will help mitigate in its mitigation.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DCL09-A | 1 (low) | 1 (low) | 2 (medium) | P2 | L3 |
...